Password Security Woes: You Can Avoid Hackers

If you're keeping up with cyber-security news, there is no doubt that you've heard about the LastPass breach. Irony alert? Really CNN? Maybe you should stick with covering airplane crashes. Their coverage only serves to reinforce popular opinion that "this is never going to happen to me anyway and now the experts who said to use a password manager are wrong." Completely irresponsible, CNN.

By the way, if you like CNN Money, did you know that all these trackers are following your every move when you visit their site? I understand the profit motive and using technology to enhance your marketing...but sheesh.

Now, back to LastPass: As of Wednesday, June 17, I personally have hundreds of sensitive logins stored at LastPass.com. I'm not at all concerned about the breach. Why?

Second, I implemented "multi-factor" authentication. This means that I use an app on my iPhone to generate a constantly changing code that is necessary to login make my ridiculously complex and encrypted password actually work.

So, if some Chinese military hacker wants to fly over here, whack me over the head, rummage through my pockets, steal my iPhone, use my lifeless fingerprint to login to my phone, and access my LastPass account...THEN I have a problem.

Until then, the bigger problem is that the United States government - yeah, I'm looking at you Office of Personnel Management - is storing data on citizens with security clearances that aren't encrypted. So when the Chinese hack their systems, they effectively have a "who's who" prospect list for foreign espionage.